You’ll serve as a SOAR architect and will work independently with clients to support the onboarding and post installation services of the Siemplify platform. We need someone with a deep understanding of security constructs in addition to a wide array of technologies.
You’ll work with many different products and technologies, including but not limited to: Splunk, ELK stack, databases (Postgres, MSSQL, MySQL), DLP systems, EDR systems, ticketing systems, among others. You’ll use your knowledge of these systems to help customers build playbooks in Siemplify to support their business goals. You’ll be expected to develop and maintain integration scripts that connect Siemplify to external systems.
To be successful in this role you need experience in scripting, regex, database systems, and general development best practices. You also need expert knowledge of Unix/Linux (RHEL/CentOS preferred) and Windows.
Develop automation and orchestration use cases in Siemplify
Develop integrations and custom actions using Python to support playbooks
Lead multiple, complex projects and apply innovative solutions to system and application problems.
Learn and understand the customer’s business requirements, and define and implement solutions within Siemplify to meet their needs.
3 – 5 years in a Security Engineering position
Ability to communicate effectively in crisis situations with all levels of an organization from Engineering/Operations to CIO/CISO audiences
Ability to refine and translate complex requirements and execute best practice solutions
Proficient working in multiple Security domains (e.g., Cryptography, Authentication, Authorization, OWASP, Vulnerability Management, Threat Modeling, Identity Management)
Experience with multiple scripting languages, with 2-3 years in Python preferred
Experience programming REST API-based and SOAP API-based automation
Familiarity with code versioning tools such as Git, SVN, etc.
Working knowledge of Web Services, SOAP, JSON and XML technologies.
Experience with one or more SIEM tools (Splunk, QRadar, ArcSight) and enterprise logging solutions
Knowledge of different database technologies and query languages (Postgres, MariaDB, MSSQL)
Skilled on a wide range of security technologies: firewalls, EDR, email security platforms, vulnerability management, malware analysis
Skilled with a variety of general IT technologies: virtualization, route/switch, IDS/IPS, database technologies, containers
Experience with Splunk
Strong knowledge of object-oriented concepts
Experience in Bash, Linux Shell or PowerShell scripting.
Professional certification in the information security space (e.g., CISM, CISSP, CISA, GIAC) or other security certification at a similar level
Familiarity with security frameworks associated with one or more industry standards (e.g., COBIT, COSO, HIPAA/HITECH, ISO, ITIL, NIST, PCI DSS, SOC or SOX)